Google Analytics

Google Custom Search

"... an engineer who is not only competent at the analytics and technologies of engineering, but can bring value to clients, team well, design well, foster adoptions of new technologies, position for innovations, cope with accelerating change and mentor other engineers" -- CACM 2014/12

Syndicate This Blog

Sunday, December 31. 2017

wifianalyzer for Android, shows what station IDs are on what channels, handles 2.4g and 5G
connections, etc. Doesn't provide mapping, just shows "from where I am right know, what channels have which stations as what strengths?"

Nanobeam:

NanoBeam® AC is a directional antenna/radio integrated unit and is intended as a point
to point or point-to-multipoint WISP client radio. The one feature you can
get from it very cheaply is a directional, 2x2 MIMO 5.x GHz band spectrum
analyzer that sees things *which are not 802.11 or wifi based. sample images

Highly useful for tracking down a specific source of non-wifi 5 GHz band
interference. There's all sorts of random consumer grade things people can
buy and introduce into an environment which do not broadcast MAC addresses
or SSIDs, and do not show up on purely 802.11(abgn/ac) based tools.

It will of course also see hidden SSIDs and standard+non-standard
802.11abgn(ac) emitters.

There are also 2.4 GHz versions of similar products which will let you find
non-802.11 emitters in the 2300 to 2500 MHz band. At $79 a lot less
expensive than a "real" spectrum analyzer.

You can get DC PoE injectors for them which will connect to a Makita drill
battery if you want to make it portable and wander around with a laptop.

I run check_mk for monitoring some servers. Currently, the check_mk host uses ssh connections to acquire the data from the check_mk monitored host.

Journey into the SaltMine to keep nagios fed with check_mk shows some ways of not using ssh, but to use minion/master interactions to capture the data. I am leaning towards revisiting this by using SaltStack's inotify beacon to signal captured file changes, which then trigger events and orchestration to transfer the data from the minion/host to the check_mk/monitor. And I think it can be done in a way such that the salt master doesn't necessarily need to reside on the check_mk monitor. [as a note, the article shows some file locking mechanisms which might come in handy when I try to tackle this].

But, first, I wanted to prove the theory in a different scenario. This example uses three hosts:

monitored host, which is running the salt-minion, and on to which the check_mk monitoring agent is to be installed,

monitoring host, which is check_mk, and also has a salt-minion installed, and the

salt-master, which controls the state and interactions between hosts

The monitoring host will use ssh to connect to the monitored host and access the agent. During the first ssh session, a manual intervention is typically required to confirm usage of the destination's public host key, which then goes into the ~/.ssh/known_hosts file. '-o StrictHostKeyChecking=no' could be used as a simple work-around, but is not very security conscious. Instead, I came up with a series of SaltStack events and states to get the monitored host's public key into the monitoring host's known_hosts file.

There are a number of key sets in use:

When check_mk connects to an agent via ssh, it will typically use a local private key, and will require a shared public key in the monitored host's ~/.ssh/authorized_keys file. I use SaltStack states and pillars to distribute and install the public key, and make use of the "command="/usr/bin/check_mk_agent" option in the authorized_keys file

Each host has a unique public/private key. SSH uses this to prevent man in the middle attacks, and to ensure the host hasn't changed. This blog entry is about getting this monitored host's public key into the monitoring host's known_hosts file.

As a side note, I need to keep this handy for another project: DNS in OpenVPN: a better approach, which discusses using multiple copies of dnsmasq, spread over several sites, for maintaining zone based queries. The most interesting aspect is that of including reverse .in-addr.arpa entries in the configuration files, something into which I need to look.

Low End Box: a web site which presents hosting specials by many different VPS providers: VPS under $10 per month, physical servers under $50 per month. Over-subscription must work well for the casual user. The archives go back to 2008.

2018/10/04 - edgeLinux - provides the ideal platform to run all the Virtual Servers you need, easily and efficiently. By leveraging both virtualization (KVM) and bare-metal containerization (LXC), the user has maximum flexibility on how to get the most out of any hardware.

Disclaimer: This site may include market analysis. All ideas, opinions, and/or
forecasts, expressed or implied herein, are for informational purposes only and should not
be construed as a recommendation to invest, trade, and/or speculate in the markets. Any
investments, trades, and/or speculations made in light of the ideas, opinions, and/or
forecasts, expressed or implied herein, are committed at your own risk, financial or
otherwise.